Ns HTTP Test

This test monitors HTTP connections handled by the NetScaler appliance, and reveals whether all HTTP requests have been responded to, and whether any incomplete requests/responses have been received/sent by the NetScaler.

Target of the test : A Citrix NetScaler Appliance

Agent deploying the test : An external agent

Outputs of the test : One set of results for every Citrix NetScaler being monitored

Configurable parameters for the test
  1. TEST PERIOD – How often should the test be executed
  2. Host – The host for which the test is to be configured
  3. Port – Refers to the port used by the Citrix NetScaler appliance. By default, this is NULL.
  4. snmpport - The port number through which the monitored component exposes its SNMP MIB.
  5. SNMPVERSION – By default, the eG agent supports SNMP version 1. Accordingly, the default selection in the snmpversion list is v1. However, if a different SNMP framework is in use in your environment, say SNMP v2 or v3, then select the corresponding option from this list.
  6. SNMPCommunity – The SNMP community name that the test uses to communicate with the target device. This parameter is specific to SNMP v1 and v2 only. Therefore, if the snmpversion chosen is v3, then this parameter will not appear.
  7. username – This parameter appears only when v3 is selected as the snmpversion. SNMP version 3 (SNMPv3) is an extensible SNMP Framework which supplements the SNMPv2 Framework, by additionally supporting message security, access control, and remote SNMP configuration capabilities. To extract performance statistics from the MIB using the highly secure SNMP v3 protocol, the eG agent has to be configured with the required access privileges – in other words, the eG agent should connect to the MIB using the credentials of a user with access permissions to be MIB. Therefore, specify the name of such a user against the username parameter. 
  8. authpass – Specify the password that corresponds to the above-mentioned username. This parameter once again appears only if the snmpversion selected is v3.
  9. confirm password – Confirm the authpass by retyping it here.
  10. authtype – This parameter too appears only if v3 is selected as the snmpversion. From the authtype list box, choose the authentication algorithm using which SNMP v3 converts the specified username and password into a 32-bit format to ensure security of SNMP transactions. You can choose between the following options:

    • md5 – Message Digest Algorithm
    • sha – Secure Hash Algorithm
  1. encryptflag – This flag appears only when v3 is selected as the snmpversion. By default, the eG agent does not encrypt SNMP requests. Accordingly, the encryptflag is set to no by default. To ensure that SNMP requests sent by the eG agent are encrypted, select the yes option. 
  2. encrypttype – If the encryptflag is set to yes, then you will have to mention the encryption type by selecting an option from the encrypttype list. SNMP v3 supports the following encryption types:

    • des – Data Encryption Standard
    • AES – Advanced Encryption Standard
  1. encryptpassword – Specify the encryption password here.
  2. confirm password – Confirm the encryption password by retyping it here.
  3. timeout – Specify the duration (in seconds) beyond which the SNMP query issues by this test should time out. The default period is 10 seconds.
Measurements made by the test
Measurement Description Measurement Unit Interpretation

New HTTP requests

Indicates the number of new HTTP requests to the NetScaler device in the last measurement period.

Number

This is an indicator of workload on the NetScaler device.

HTTP 1.0 requests

Indicates the number of new HTTP v 1.0 requests to the NetScaler device in the last measurement period.

Number

Since HTTP 1.0 connections are not capable of providing information about the client's ability to accept compressed data, which is one of the features of the NetScaler devices, it is important to be able to monitor the number of HTTP 1.0 connections relative to the the total connections.

Requests with incomplete headers

Indicates the number of incomplete HTTP header received in the last measurement period with incomplete headers.

Number

The NetScaler performs content filtering by inspecting every incoming request according to user-configured rules, which are based on HTTP headers. If these headers are incomplete, the NetScaler would not be able to interpret the rules correctly, thus exposing the server to potential attacks. A high value of this measure is hence, undesirable; the reasons for the same should be investigated and the root-cause should be promptly addressed.

Incomplete HTTP requests

Indicates the number of incomplete HTTP requests received in the last measurement period.

Number

 

Incomplete responses

Indicates the number of incomplete HTTP responses from the NetScaler device during the last measurement period.

Number

This value should typically be small under normal operation.

Pipelined requests

Indicates the number of pipelined requests since the last measurement period.

Number

HTTP/1.1 allows multiple HTTP requests to be written out to a socket together without waiting for the corresponding responses. The requestor then waits for the responses to arrive in the order in which they were requested. The act of pipelining the requests can result in a dramatic improvement in page loading times, especially over high latency connections.

 

Server busy errors

Indicates number of HTTP requests for which server busy errors were sent during the last measurement period.

Number

Ideally, this value should be close to 0.

Http gets

Indicates the number of HTTP GETs received during the last measurement period.

Number

By analyzing HTTP GET and POST requests and filtering out known bad signatures, you can defend against HTTP-based attacks such as variants of Nimda and Code Red virus.

 

Http posts

Indicates the number of HTTP POSTs received during the last measurement period.

Number

HTTP responses

Indicates the number of new HTTP responses generated from the NetScaler device during the last measurement period.

Number

Compare the value of new requests and responses. These values should be close to each other. A significant deviation may indicate a bottleneck or malfunctioning of the NetScaler device.

HTTP 1.0 responses

Indicates the number of new HTTP v 1.0 responses sent back during the last measurement period.

Number